Mobile security in workplace
must be prioritised
Organisations are facing the
growing problem of managing
the increased number of
mobile devices being used
by employees. Jorina van
Rensburg, Managing Director
of Condyn, discusses how
companies can balance their
employees’ right to privacy with
maintaining enterprise security.
The more personal devices are involved
on the corporate network, the more
difficult it becomes to manage. And then
there is the small matter of ensuring
that employee devices (and the
multitude of platforms being used) can
access the corporate network and vice
versa. This can become an expensive
and complex process depending on the
size of the organisation.
Managing change
Consideration must also be paid to how
quickly mobile technologies evolve with
security solutions struggling to keep
up. This is especially the case when it
comes to the human factor, for example
data theft. With more personal devices
accessing mission-critical information,
decision-makers are finding it difficult
to maintain an efficient (and secure)
corporate perimeter.
Jorina van Rensburg, Managing Director
of Condyn
iven the number of mobile
devices employees use,
companies are under pressure
to manage these multiple touchpoints in
the organisation more effectively. But too
often, security falls by the wayside in the
rush to make communication easier.
G
www.intelligentciso.com
|
Issue 04
Fortunately, the company has the right
to forbid personal devices connecting
to the organisational IT infrastructure
and provide employees with corporate
This is where Mobile Device Management
(MDM) comes in to help regulate the use
of devices in the workplace. It enables
the business to monitor in real-time
how mobile devices are used and what
information is accessed.
MDM solutions, such as those
developed by SearchInform, can block
unknown devices that are trying to
connect to a source with confidential
information. And any data stored on
lost or stolen mobile devices can be
erased remotely to further safeguard
the organisation.
Looking ahead
The reality is that managing mobile
devices, employees’ use of data and
network resources, and securing all
potential entry points on corporate
infrastructure, have become
significantly complex. Businesses need
to have the right systems, policies and
procedures in place to mitigate these
threats or risk opening themselves up
to malicious attacks (both internally as
well as externally).
Today, most organisations allow
employees to use their personal devices.
But it must be remembered that these
should not be viewed as data channels.
Instead, the business should use them
as information receivers that access data
through those channels managed (and
protected) by the organisation. u
63
One of the most significant obstacles is
knowing where to draw the line between
personal and corporate use. Err on
the side of too much freedom and the
business can be viewed as afraid of
infringing on the rights of employees. The
flip side is also true. Placing too much
control in place and the organisation
is painted as Big Brother spying on the
personal lives of employees.
A few years ago, social networks, cloud
storage and Internet of Things devices
were not widespread. Employees did
not use their own devices at work and
could not easily download a large
amount of data to a removable disk.
Telephones were used only as a means
of communication. Today, things are a
bit different. Mobile phones can store a
significant amount of data, access the
Internet and be used for remote work.
And while it would be nice to control
all this activity, the employers have
no right to do this as these phones
are often the personal means of
communication for employees.
phones for business use. If devices
belong to a company, special monitoring
systems can be installed on them. The
downside is that employees will be
aware of the control and will still prefer
to use their personal phones.